Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
setup.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
initial sample
|
 |
|
|
C:\Program Files (x86)\Chromstera Browser\ChromsteraUpdater.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\chrome.bat
|
ASCII text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\pssED0B.ps1
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Local\Temp\scrECF8.ps1
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Users\user\AppData\Roaming\Chromstera Solutions\Chromstera Browser 1.0.0.0\install\Chromnius-Main.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: Fri Dec 11 11:47:44
2009, Last Saved Time/Date: Fri Sep 18 15:06:51 2020, Security: 0, Code page: 1252, Revision Number: {2BF917DE-5B34-453F-A1C8-08CE02C334FC},
Number of Words: 2, Subject: Chromstera Browser, Author: Chromstera Solutions, Name of Creating Application: Chromstera Browser,
Template: x64;1033, Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date: Fri Aug 11 12:56:12
2023, Number of Pages: 200
|
dropped
|
|
|
|
C:\Windows\Installer\6bc77d.msi
|
Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Last Printed: Fri Dec 11 11:47:44
2009, Last Saved Time/Date: Fri Sep 18 15:06:51 2020, Security: 0, Code page: 1252, Revision Number: {2BF917DE-5B34-453F-A1C8-08CE02C334FC},
Number of Words: 2, Subject: Chromstera Browser, Author: Chromstera Solutions, Name of Creating Application: Chromstera Browser,
Template: x64;1033, Title: Installation Database, Keywords: Installer, MSI, Database, Create Time/Date: Fri Aug 11 12:56:12
2023, Number of Pages: 200
|
dropped
|
|
|
|
C:\Windows\Installer\MSI4739.tmp
|
PE32+ executable (GUI) x86-64, for MS Windows
|
dropped
|
|
|
|
C:\Windows\Installer\MSICC46.tmp
|
data
|
dropped
|
|
|
|
C:\Windows\Installer\MSIFB77.tmp
|
PE32+ executable (GUI) x86-64, for MS Windows
|
modified
|
|
|
|
C:\Windows\SystemTemp\pssD27E.ps1
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Windows\SystemTemp\scrD25C.ps1
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
|
|
|
C:\Config.Msi\6bc77e.rbs
|
data
|
dropped
|
||
|
C:\Program Files (x86)\Chromstera Browser\ChromsteraUpdater.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\edb.log
|
data
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.db
|
Extensible storage engine DataBase, version 0x620, checksum 0x75276603, page size 16384, DirtyShutdown, Windows version 10.0
|
dropped
|
||
|
C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm
|
data
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
|
Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks,
0x1 compression
|
dropped
|
||
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\New
|
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\Up
|
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\aischeduler2.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\banner.jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x59, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\banner.scale125.jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 625x74, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\banner.scale150.jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 938x111, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\banner.scale200.jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1875x222, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\banner.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\cmdlinkarrow
|
MS Windows icon resource - 3 icons, 16x16, 16 colors, 4 bits/pixel, 16x16, 8 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\completi
|
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\custicon
|
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\dialog.jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x316, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\dialog.scale125.jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 625x395, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\dialog.scale150.jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 938x593, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\dialog.scale200.jpg
|
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1875x1185, components
3
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\dialog.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\exclamic
|
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_bottom_left.bmp
|
PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 3778 x 3778 px/m, cbSize 92, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_bottom_left_inactive.bmp
|
PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 3778 x 3778 px/m, cbSize 92, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_bottom_mid.bmp
|
PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_bottom_mid_inactive.bmp
|
PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_bottom_right.bmp
|
PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 3778 x 3778 px/m, cbSize 92, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_bottom_right_inactive.bmp
|
PC bitmap, Windows 3.x format, 3 x 3 x 24, image size 38, resolution 3778 x 3778 px/m, cbSize 92, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_caption.bmp
|
PC bitmap, Windows 3.x format, 1 x 22 x 24, image size 90, resolution 3778 x 3778 px/m, cbSize 144, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_caption_inactive.bmp
|
PC bitmap, Windows 3.x format, 1 x 22 x 24, image size 90, resolution 3778 x 3778 px/m, cbSize 144, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_left.bmp
|
PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_left_inactive.bmp
|
PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_right.bmp
|
PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_right_inactive.bmp
|
PC bitmap, Windows 3.x format, 3 x 1 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_top_left.bmp
|
PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3779 x 3779 px/m, cbSize 556, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_top_left_inactive.bmp
|
PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3779 x 3779 px/m, cbSize 556, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_top_mid.bmp
|
PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_top_mid_inactive.bmp
|
PC bitmap, Windows 3.x format, 1 x 3 x 24, image size 14, resolution 3778 x 3778 px/m, cbSize 68, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_top_right.bmp
|
PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3779 x 3779 px/m, cbSize 556, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\frame_top_right_inactive.bmp
|
PC bitmap, Windows 3.x format, 6 x 25 x 24, image size 502, resolution 3779 x 3779 px/m, cbSize 556, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\info
|
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\insticon
|
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\lzmaextractor.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\removico
|
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\repairic
|
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\sys_min_down.bmp
|
PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\sys_min_hot.bmp
|
PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\sys_min_inactive.bmp
|
PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\sys_min_normal.bmp
|
PC bitmap, Windows 3.x format, 27 x 17 x 24, image size 1430, resolution 3778 x 3778 px/m, cbSize 1484, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\tabback
|
PC bitmap, Windows 3.x format, 1 x 200 x 24, cbSize 854, bits offset 54
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\tempFiles.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\AI_EXTUI_BIN_7404\viewer.exe
|
PE32 executable (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI3193.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI3230.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI3250.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI3290.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI32CF.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI32EF.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI331F.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI3340.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI3360.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI34E7.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI3517.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI3566.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI35A6.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\MSI35E5.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
modified
|
||
|
C:\Users\user\AppData\Local\Temp\Pro13F3.tmp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\ProED1B.tmp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0conodoz.p1d.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0ezhapiw.zc3.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_agxkquqf.zxt.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_amq3vsj0.1es.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_km0ehg4q.qop.ps1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_o1e3j2xm.4kk.psm1
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\edge.bat
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\finish.bat
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\pss1394.ps1
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\scr1333.ps1
|
Unicode text, UTF-16, little-endian text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\shi3105.tmp
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\shiC6A3.tmp
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Chromstera Solutions\Chromstera Browser 1.0.0.0\install\Chromnius-Main1.cab
|
Microsoft Cabinet archive data, many, 537602 bytes, 3 files, at 0x44 +A "manifest.json" +A "service.js", flags 0x4, ID 1234,
number 1, extra bytes 20 in head, 37 datablocks, 0x1 compression
|
dropped
|
||
|
C:\Windows\Installer\MSI11D0.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSIC933.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSIC9EF.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSICA7D.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSICAEB.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSICB79.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSICBB9.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSICC66.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSID04F.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSID11C.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\MSIEC26.tmp
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Windows\Installer\SourceHash{441BEFA6-D7B1-4C8C-8CF9-5A4D6215E43D}
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Installer\inprogressinstallinfo.ipi
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.log
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\ProD28F.tmp
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Windows\Temp\~DF41C2E1EFD4B4AE7A.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF65B9870B20D59392.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DF8A79F01E0058BCB6.TMP
|
data
|
dropped
|
||
|
C:\Windows\Temp\~DFD70B4A65507E3CBD.TMP
|
Composite Document File V2 Document, Cannot read section info
|
dropped
|
||
|
C:\apps-helper\manifest.json
|
JSON data
|
dropped
|
||
|
C:\apps-helper\service.js
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
\Device\Null
|
ASCII text, with CRLF line terminators, with overstriking
|
dropped
|
There are 109 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\setup.exe
|
"C:\Users\user\Desktop\setup.exe"
|
|
|
|
C:\Windows\System32\msiexec.exe
|
C:\Windows\system32\msiexec.exe /V
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding DD3B85FC1F11BB110F90DDDEF4702234 C
|
|
|
|
C:\Users\user\Desktop\setup.exe
|
"C:\Users\user\Desktop\setup.exe" /i "C:\Users\user\AppData\Roaming\Chromstera Solutions\Chromstera Browser 1.0.0.0\install\Chromnius-Main.msi"
AI_EUIMSI=1 APPDIR="C:\Program Files (x86)\Chromstera Browser" SECONDSEQUENCE="1" CLIENTPROCESSID="7404" AI_MORE_CMD_LINE=1
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding C76E3ECFDACF14783EC0EC85D3ECBB2C
|
|
|
|
C:\Windows\SysWOW64\msiexec.exe
|
C:\Windows\syswow64\MsiExec.exe -Embedding CB2789DE8A953DFC6FBB92EF73C3F598 E Global\MSI0000
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
-NoProfile -Noninteractive -ExecutionPolicy Bypass -File "C:\Windows\SystemTemp\pssD27E.ps1" -propFile "C:\Windows\SystemTemp\msiD25B.txt"
-scriptFile "C:\Windows\SystemTemp\scrD25C.ps1" -scriptArgsFile "C:\Windows\SystemTemp\scrD25D.txt" -propSep " :<->: " -lineSep
" <<:>> " -testPrefix "_testValue."
|
|
|
|
C:\Program Files (x86)\Chromstera Browser\ChromsteraUpdater.exe
|
"C:\Program Files (x86)\Chromstera Browser\ChromsteraUpdater.exe"
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
-NoProfile -Noninteractive -ExecutionPolicy Bypass -File "C:\Users\user\AppData\Local\Temp\pssED0B.ps1" -propFile "C:\Users\user\AppData\Local\Temp\msiECF7.txt"
-scriptFile "C:\Users\user\AppData\Local\Temp\scrECF8.ps1" -scriptArgsFile "C:\Users\user\AppData\Local\Temp\scrECF9.txt"
-propSep " :<->: " -lineSep " <<:>> " -testPrefix "_testValue."
|
|
|
|
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
|
-NoProfile -Noninteractive -ExecutionPolicy Bypass -File "C:\Users\user\AppData\Local\Temp\pss1394.ps1" -propFile "C:\Users\user\AppData\Local\Temp\msi1332.txt"
-scriptFile "C:\Users\user\AppData\Local\Temp\scr1333.ps1" -scriptArgsFile "C:\Users\user\AppData\Local\Temp\scr1334.txt"
-propSep " :<->: " -lineSep " <<:>> " -testPrefix "_testValue."
|
|
|
|
C:\Windows\Installer\MSI4739.tmp
|
"C:\Windows\Installer\MSI4739.tmp" /EnforcedRunAsAdmin /RunAsAdmin /HideWindow /dir "C:\Users\user\AppData\Local\Temp\" "C:\Users\user\AppData\Local\Temp\chrome.bat"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /C ""C:\Users\user\AppData\Local\Temp\chrome.bat" "
|
|
|
|
C:\Windows\System32\reg.exe
|
REG ADD "\Policies\Google\Chrome\ExtensionInstallAllowlist" /v "1" /t REG_SZ /d /f
|
|
|
|
C:\Windows\System32\reg.exe
|
REG ADD "\Google\Chrome\Extensions\" /v "path" /t REG_SZ /d /f
|
|
|
|
C:\Windows\System32\reg.exe
|
REG ADD "\Google\Chrome\Extensions\" /v "version" /t REG_SZ /d /f
|
|
|
|
C:\Windows\System32\reg.exe
|
REG ADD "\Policies\Google\Chrome\ExtensionInstallAllowlist" /v "1" /t REG_SZ /d /f
|
|
|
|
C:\Windows\System32\reg.exe
|
REG ADD "\Google\Chrome\Extensions\" /v "path" /t REG_SZ /d /f
|
|
|
|
C:\Windows\System32\reg.exe
|
REG ADD "\Google\Chrome\Extensions\" /v "version" /t REG_SZ /d /f
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --profile-directory="Default" --no-startup-window --load-extension="C:\apps-helper"
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=2012,i,10222868034098351333,13685129222229150854,262144
/prefetch:8
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2064 --field-trial-handle=2012,i,17522224552689378138,6417613085102451852,262144
/prefetch:8
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
|
|
|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2044 --field-trial-handle=1992,i,14024855596687576691,10802708795507051728,262144
/prefetch:8
|
|
|
|
C:\Windows\Installer\MSIFB77.tmp
|
"C:\Windows\Installer\MSIFB77.tmp" /EnforcedRunAsAdmin /RunAsAdmin /HideWindow /dir "C:\Users\user\AppData\Local\Temp\" "C:\Users\user\AppData\Local\Temp\edge.bat"
|
|
|
|
C:\Windows\System32\cmd.exe
|
"C:\Windows\System32\cmd.exe" /C ""C:\Users\user\AppData\Local\Temp\edge.bat" "
|
|
|
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\svchost.exe
|
C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 2
|
||
|
C:\Windows\System32\timeout.exe
|
timeout 5
|
||
|
C:\Windows\System32\conhost.exe
|
C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
|
There are 43 hidden processes, click here to show them.
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://chromsteraupdates.com/download/updates.txt
|
104.21.8.139
|
|
|
|
http://html4/loose.dtd
|
unknown
|
||
|
https://chromsteraupdates.com/download/updates.txtB3
|
unknown
|
||
|
https://secure.chromstera.com/cross/crx3dynamic/?adv=426&v=4.4&time=1730139128
|
188.114.97.3
|
||
|
https://go.microsoft.co
|
unknown
|
||
|
https://chromsterabrowser.com/download/updates.txt$T
|
unknown
|
||
|
http://cacerts.digicert.cX
|
unknown
|
||
|
https://contoso.com/License
|
unknown
|
||
|
https://chromsterabrowser.com/download/updates.txtater.
|
unknown
|
||
|
https://www.chromstera.comz
|
unknown
|
||
|
https://chromsteraupdates.com/
|
unknown
|
||
|
https://www.chromstera.comh
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2.C:
|
unknown
|
||
|
https://secure.chromstera.com/cross/crx3dynamic/?adv=426
|
unknown
|
||
|
https://secure.chromstera.com/cross/crx3dynamic/?adv=426&v=4.4
|
unknown
|
||
|
http://.css
|
unknown
|
||
|
http://secure.chromstera.com
|
unknown
|
||
|
https://secure.chromstera.com/cross/crx3dynamic/?adv=426&v=4.4&time=
|
unknown
|
||
|
https://www.chromstera.comARPSYSTEMCOMPONENTARPURLINFOABOUTARPURLUPDATEINFOExtractFilesFirstWindowsT
|
unknown
|
||
|
https://g.live.com/odclientsettings/Prod.C:
|
unknown
|
||
|
https://chromsterabrowser.com/download/updates.txtN
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2
|
unknown
|
||
|
https://www.chromstera.com
|
unknown
|
||
|
https://contoso.com/
|
unknown
|
||
|
https://nuget.org/nuget.exe
|
unknown
|
||
|
https://www.chromstera.commu
|
unknown
|
||
|
http://www.google.com
|
unknown
|
||
|
https://www.chromstera.comrT/
|
unknown
|
||
|
https://chromsterabrowser.com/download/updates.txt8
|
unknown
|
||
|
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
|
unknown
|
||
|
http://.jpg
|
unknown
|
||
|
https://g.live.com/1rewlive5skydrive/OneDriveProductionV2?OneDriveUpdate=9c123752e31a927b78dc96231b6
|
unknown
|
||
|
https://chromsteraupdates.com/download/updates.txttd
|
unknown
|
||
|
http://nuget.org/NuGet.exe
|
unknown
|
||
|
https://chromsterabrowser.com/download/updates.txtromstera
|
unknown
|
||
|
https://secure.chromstera.com/cross/crx3dynamic/?adv=426&v=
|
unknown
|
||
|
https://www.chromstera.com/installer/
|
unknown
|
||
|
http://pesterbdd.com/images/Pester.png
|
unknown
|
||
|
https://secure.c
|
unknown
|
||
|
http://www.apache.org/licenses/LICENSE-2.0.html
|
unknown
|
||
|
https://go.micro
|
unknown
|
||
|
https://chromsterabrowser.com/
|
unknown
|
||
|
https://contoso.com/Icon
|
unknown
|
||
|
https://secure.chromstera.com/cross/crx3dynamic/?adv=
|
unknown
|
||
|
http://crl.ver)
|
unknown
|
||
|
http://www.yahoo.com
|
unknown
|
||
|
https://chromsterabrowser.com/download/updates.txtDS
|
unknown
|
||
|
https://github.com/Pester/Pester
|
unknown
|
||
|
https://chromsterabrowser.com/download/updates.txt
|
unknown
|
||
|
https://chrome.cloudflare-dns.com/dns-query
|
162.159.61.3
|
||
|
https://www.chromstera.comT
|
unknown
|
||
|
https://g.live.com/odclientsettings/ProdV2?OneDriveUpdate=f359a5df14f97b6802371976c96
|
unknown
|
||
|
https://secure.chromstera.com
|
unknown
|
||
|
http://crl3.digicert.coT
|
unknown
|
||
|
https://www.chromstera.comY
|
unknown
|
||
|
https://chromsterabrowser.com/download/updates.txtAI_NEWERPRODUCTFOUND
|
unknown
|
||
|
https://secure.chromstera.com/cross/crx3dynamic
|
unknown
|
||
|
https://aka.ms/pscore68
|
unknown
|
||
|
https://chromsteraupdates.com/download/updates.txtl
|
unknown
|
||
|
https://chromsteraupdates.com/download/updates.txtCheckFrequencyDownloads
|
unknown
|
||
|
https://clients2.googleusercontent.com/crx/blobs/AYA8VyyVmiyWvldTRU0qGaR4RUSL6-YrG6uKRsMPsRWu4uzTWsENQ0Oe4TwjJlNxU5Vx3wW0XCsKQHAJ2XkWCO0eQ7UF3N9B6xg6w6N4ZQ_ezL5_s1EfR63s25vMOuhpdI4AxlKa5cntVqVuAOGwNK_pRVduNn5fPIzZ/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_83_1_0.crx
|
172.217.16.193
|
||
|
https://www.chromstera.combmp
|
unknown
|
||
|
https://www.chromstera.comM
|
unknown
|
||
|
https://www.chromstera.compl
|
unknown
|
||
|
https://chromsteraupdates.com/download/updates.txtY0
|
unknown
|
||
|
https://chromsterabrowser.com/download/updates.txtr
|
unknown
|
There are 56 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
chromsteraupdates.com
|
104.21.8.139
|
|
|
|
chrome.cloudflare-dns.com
|
162.159.61.3
|
||
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
||
|
secure.chromstera.com
|
188.114.97.3
|
||
|
googlehosted.l.googleusercontent.com
|
172.217.16.193
|
||
|
clients2.googleusercontent.com
|
unknown
|
||
|
chromsterabrowser.com
|
unknown
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.21.8.139
|
chromsteraupdates.com
|
United States
|
|
|
|
192.168.2.4
|
unknown
|
unknown
|
|
|
|
188.114.97.3
|
secure.chromstera.com
|
European Union
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
127.0.0.1
|
unknown
|
unknown
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\4EFC31460C619ECAE59C1BCE2C008036D94C84B8
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8094640EB5A7A1CA119C1FDDD59F810263A7FBD1
|
Blob
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\8094640EB5A7A1CA119C1FDDD59F810263A7FBD1
|
Blob
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Owner
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
SessionHash
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Microsoft\RestartManager\Session0000
|
Sequence
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Config.Msi\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\6bc77e.rbs
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Rollback\Scripts
|
C:\Config.Msi\6bc77e.rbsLow
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3F57B747BD43D094DBF5723045C8E5A0
|
6AFEB1441B7DC8C4C89FA5D426514ED3
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3A4DD8DFE7AD1894EB7FB36CFD13B6D5
|
6AFEB1441B7DC8C4C89FA5D426514ED3
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4C369967D428E6145958CFCA0651BB05
|
6AFEB1441B7DC8C4C89FA5D426514ED3
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60587BBD68767914BAE6C5B889FCC527
|
6AFEB1441B7DC8C4C89FA5D426514ED3
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8138415ED7EAA79498007306C87584C9
|
6AFEB1441B7DC8C4C89FA5D426514ED3
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\32B2BF0D13182264EB2654CA7BC6C0B2
|
6AFEB1441B7DC8C4C89FA5D426514ED3
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\Program Files (x86)\Chromstera Browser\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders
|
C:\apps-helper\
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Caphyon\Advanced Installer\LZMA\{441BEFA6-D7B1-4C8C-8CF9-5A4D6215E43D}\1.0.0.0
|
AI_ExePath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
Comments
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
DisplayVersion
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
Contact
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
DisplayIcon
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
DisplayName
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
EstimatedSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
HelpLink
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
HelpTelephone
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
InstallLocation
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
URLUpdateInfo
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
ModifyPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
NoRepair
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
Publisher
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
Readme
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
URLInfoAbout
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
UninstallPath
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
UninstallString
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
VersionMajor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chromstera Browser 1.0.0.0
|
VersionMinor
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Chromstera Solutions\Chromstera Browser
|
Version
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Chromstera Solutions\Chromstera Browser
|
Path
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Caphyon\Advanced Installer\Scheduled Tasks\{F82AF5DB-E99C-41D4-AAE0-B8E22E7D0F21}
|
AI_updater
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Caphyon\Advanced Installer\Scheduled Tasks\{F82AF5DB-E99C-41D4-AAE0-B8E22E7D0F21}
|
AI_updater_ID
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASAPI32
|
FileDirectory
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableAutoFileTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
EnableConsoleTracing
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
ConsoleTracingMask
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
MaxFileSize
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\powershell_RASMANCS
|
FileDirectory
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Caphyon\Advanced Updater\{F82AF5DB-E99C-41D4-AAE0-B8E22E7D0F21}
|
C:\Program Files (x86)\Chromstera Browser\ChromsteraUpdater.exe
|
||
|
HKEY_CURRENT_USER\SOFTWARE\Caphyon\Advanced Updater\{F82AF5DB-E99C-41D4-AAE0-B8E22E7D0F21}\Settings
|
LastModified
|
||
|
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS
|
PerfMMFileName
|
There are 49 hidden registries, click here to show them.
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
7FFD9B4A2000
|
trusted library allocation
|
page read and write
|
||
|
278DA252000
|
trusted library allocation
|
page read and write
|
||
|
2954F5D0000
|
heap
|
page read and write
|
||
|
7FFD9B4F0000
|
trusted library allocation
|
page read and write
|
||
|
2D9C4CC000
|
stack
|
page read and write
|
||
|
3C5A000
|
heap
|
page read and write
|
||
|
7FF77C112000
|
unkown
|
page write copy
|
||
|
7FFD9B580000
|
trusted library allocation
|
page read and write
|
||
|
1ED95968000
|
heap
|
page read and write
|
||
|
8CF000
|
heap
|
page read and write
|
||
|
5CCE000
|
stack
|
page read and write
|
||
|
278DA390000
|
trusted library allocation
|
page read and write
|
||
|
1BA70170000
|
heap
|
page readonly
|
||
|
14BB000
|
heap
|
page read and write
|
||
|
7FFD9B5B0000
|
trusted library allocation
|
page read and write
|
||
|
1567CE22000
|
heap
|
page read and write
|
||
|
202A4210000
|
heap
|
page read and write
|
||
|
1966D5D9000
|
heap
|
page read and write
|
||
|
278DA1D0000
|
trusted library allocation
|
page read and write
|
||
|
7FF77C090000
|
unkown
|
page readonly
|
||
|
278DA51F000
|
heap
|
page read and write
|
||
|
278DA2F3000
|
trusted library allocation
|
page read and write
|
||
|
621F000
|
heap
|
page read and write
|
||
|
278D5E40000
|
trusted library section
|
page readonly
|
||
|
299B57C000
|
stack
|
page read and write
|
||
|
136F3610000
|
heap
|
page read and write
|
||
|
7FFD9B580000
|
trusted library allocation
|
page read and write
|
||
|
1567CDB8000
|
heap
|
page read and write
|
||
|
7FF77C0F5000
|
unkown
|
page readonly
|
||
|
1ED95890000
|
heap
|
page read and write
|
||
|
209FECD0000
|
heap
|
page read and write
|
||
|
3FBF000
|
stack
|
page read and write
|
||
|
218B4C30000
|
heap
|
page read and write
|
||
|
278DA420000
|
heap
|
page read and write
|
||
|
22F5E150000
|
heap
|
page read and write
|
||
|
3B2F000
|
stack
|
page read and write
|
||
|
14BD000
|
heap
|
page read and write
|
||
|
91F000
|
stack
|
page read and write
|
||
|
1441000
|
heap
|
page read and write
|
||
|
BA0000
|
unkown
|
page readonly
|
||
|
6FC74FE000
|
stack
|
page read and write
|
||
|
840000
|
heap
|
page read and write
|
||
|
14498620000
|
heap
|
page read and write
|
||
|
4A389DC000
|
stack
|
page read and write
|
||
|
2DA020D0000
|
heap
|
page read and write
|
||
|
278D4E00000
|
heap
|
page read and write
|
||
|
3C6D000
|
heap
|
page read and write
|
||
|
22DA6CD0000
|
heap
|
page read and write
|
||
|
1BA70160000
|
trusted library allocation
|
page read and write
|
||
|
C498C7F000
|
stack
|
page read and write
|
||
|
248983E7000
|
heap
|
page read and write
|
||
|
1C4955C8000
|
heap
|
page read and write
|
||
|
D2414FB000
|
stack
|
page read and write
|
||
|
7FFD9B480000
|
trusted library allocation
|
page read and write
|
||
|
248985B8000
|
heap
|
page read and write
|
||
|
1D02A245000
|
heap
|
page read and write
|
||
|
182B5169000
|
heap
|
page read and write
|
||
|
181F73D0000
|
heap
|
page read and write
|
||
|
D241F7E000
|
stack
|
page read and write
|
||
|
278DA3B0000
|
trusted library allocation
|
page read and write
|
||
|
3C25000
|
heap
|
page read and write
|
||
|
D24227E000
|
stack
|
page read and write
|
||
|
3CDA000
|
heap
|
page read and write
|
||
|
1567CE01000
|
heap
|
page read and write
|
||
|
F2A9AFF000
|
stack
|
page read and write
|
||
|
278D5D30000
|
trusted library allocation
|
page read and write
|
||
|
6FC71F7000
|
stack
|
page read and write
|
||
|
3C5A000
|
heap
|
page read and write
|
||
|
5B8D000
|
heap
|
page read and write
|
||
|
3C44000
|
heap
|
page read and write
|
||
|
7FFD9B4C0000
|
trusted library allocation
|
page read and write
|
||
|
2526C112000
|
heap
|
page read and write
|
||
|
1567CDA0000
|
heap
|
page read and write
|
||
|
3C11000
|
heap
|
page read and write
|
||
|
4790000
|
trusted library section
|
page read and write
|
||
|
627A000
|
heap
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
3C56000
|
heap
|
page read and write
|
||
|
3C48000
|
heap
|
page read and write
|
||
|
14B5000
|
heap
|
page read and write
|
||
|
209FF280000
|
heap
|
page read and write
|
||
|
D2420FE000
|
stack
|
page read and write
|
||
|
D8C5B4C000
|
stack
|
page read and write
|
||
|
136F35E0000
|
heap
|
page read and write
|
||
|
278D4DB0000
|
trusted library section
|
page read and write
|
||
|
2A494430000
|
heap
|
page read and write
|
||
|
1DE000
|
unkown
|
page readonly
|
||
|
4168000
|
heap
|
page read and write
|
||
|
DF62D0E000
|
stack
|
page read and write
|
||
|
52E0000
|
unkown
|
page readonly
|
||
|
2A7DD250000
|
heap
|
page read and write
|
||
|
A96457F000
|
stack
|
page read and write
|
||
|
1BA70000000
|
heap
|
page read and write
|
||
|
EF3D1AE000
|
stack
|
page read and write
|
||
|
676A37F000
|
stack
|
page read and write
|
||
|
44083FE000
|
stack
|
page read and write
|
||
|
913000
|
heap
|
page read and write
|
||
|
D2411FE000
|
unkown
|
page readonly
|
||
|
48139BF000
|
stack
|
page read and write
|
||
|
278DA344000
|
trusted library allocation
|
page read and write
|
||
|
278DA251000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5F0000
|
trusted library allocation
|
page read and write
|
||
|
3C56000
|
heap
|
page read and write
|
||
|
21B501F9000
|
heap
|
page read and write
|
||
|
602F000
|
stack
|
page read and write
|
||
|
1BA7006F000
|
heap
|
page read and write
|
||
|
5251000
|
heap
|
page read and write
|
||
|
3C6D000
|
heap
|
page read and write
|
||
|
5B80000
|
heap
|
page read and write
|
||
|
24880020000
|
trusted library allocation
|
page read and write
|
||
|
248FD853000
|
heap
|
page read and write
|
||
|
24898470000
|
heap
|
page read and write
|
||
|
278D571A000
|
heap
|
page read and write
|
||
|
A66D07C000
|
stack
|
page read and write
|
||
|
8F5000
|
heap
|
page read and write
|
||
|
142F000
|
heap
|
page read and write
|
||
|
202A4080000
|
heap
|
page read and write
|
||
|
1567CE1B000
|
heap
|
page read and write
|
||
|
1456000
|
heap
|
page read and write
|
||
|
278D571A000
|
heap
|
page read and write
|
||
|
2954DE00000
|
heap
|
page read and write
|
||
|
3A2B000
|
stack
|
page read and write
|
||
|
3C62000
|
heap
|
page read and write
|
||
|
1BA72550000
|
heap
|
page read and write
|
||
|
2E2B000
|
stack
|
page read and write
|
||
|
D2417FE000
|
unkown
|
page readonly
|
||
|
62E0000
|
heap
|
page read and write
|
||
|
5D60000
|
heap
|
page read and write
|
||
|
21B50390000
|
heap
|
page read and write
|
||
|
6299000
|
heap
|
page read and write
|
||
|
54D0000
|
heap
|
page read and write
|
||
|
12E595B0000
|
heap
|
page read and write
|
||
|
7FFD9B4F0000
|
trusted library allocation
|
page read and write
|
||
|
278DA2F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B570000
|
trusted library allocation
|
page read and write
|
||
|
2D9C54E000
|
stack
|
page read and write
|
||
|
2A4945B0000
|
heap
|
page read and write
|
||
|
7FFD9B5B0000
|
trusted library allocation
|
page read and write
|
||
|
909000
|
heap
|
page read and write
|
||
|
7FFD9B400000
|
trusted library allocation
|
page execute and read and write
|
||
|
67699CE000
|
stack
|
page read and write
|
||
|
1ED95960000
|
heap
|
page read and write
|
||
|
29FF000
|
stack
|
page read and write
|
||
|
D240EFE000
|
stack
|
page read and write
|
||
|
1BA721B0000
|
heap
|
page read and write
|
||
|
28BF000
|
stack
|
page read and write
|
||
|
13A47EF0000
|
heap
|
page read and write
|
||
|
6B17000
|
unkown
|
page readonly
|
||
|
377AE7F000
|
stack
|
page read and write
|
||
|
7FFD9B480000
|
trusted library allocation
|
page execute and read and write
|
||
|
1567CDE0000
|
heap
|
page read and write
|
||
|
5300000
|
unkown
|
page readonly
|
||
|
244D9A49000
|
heap
|
page read and write
|
||
|
1BA71B85000
|
heap
|
page read and write
|
||
|
218B4EC5000
|
heap
|
page read and write
|
||
|
92C000
|
heap
|
page read and write
|
||
|
14B8000
|
heap
|
page read and write
|
||
|
278DB000000
|
heap
|
page read and write
|
||
|
93B000
|
heap
|
page read and write
|
||
|
7FFD9B500000
|
trusted library allocation
|
page read and write
|
||
|
FEB000
|
stack
|
page read and write
|
||
|
182B5160000
|
heap
|
page read and write
|
||
|
7FFD9B2CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
278D4E74000
|
heap
|
page read and write
|
||
|
1BA00001000
|
trusted library allocation
|
page read and write
|
||
|
278D4E9E000
|
heap
|
page read and write
|
||
|
67F0000
|
unkown
|
page readonly
|
||
|
DEB07C000
|
stack
|
page read and write
|
||
|
D240CFE000
|
unkown
|
page readonly
|
||
|
2526C300000
|
heap
|
page execute and read and write
|
||
|
2954DC39000
|
heap
|
page read and write
|
||
|
248FD920000
|
heap
|
page read and write
|
||
|
182B50F0000
|
heap
|
page read and write
|
||
|
7FFD9B2DB000
|
trusted library allocation
|
page read and write
|
||
|
D240FFE000
|
unkown
|
page readonly
|
||
|
1FD2FC10000
|
heap
|
page read and write
|
||
|
7FFD9B560000
|
trusted library allocation
|
page read and write
|
||
|
182B6BB5000
|
heap
|
page read and write
|
||
|
278DA45A000
|
heap
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
278D571A000
|
heap
|
page read and write
|
||
|
1A7EB549000
|
heap
|
page read and write
|
||
|
278D4E2B000
|
heap
|
page read and write
|
||
|
3C6A000
|
heap
|
page read and write
|
||
|
7FFD9B620000
|
trusted library allocation
|
page read and write
|
||
|
288676A9000
|
heap
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
3C62000
|
heap
|
page read and write
|
||
|
51B2000
|
heap
|
page read and write
|
||
|
11729225000
|
heap
|
page read and write
|
||
|
7FFD9B480000
|
trusted library allocation
|
page execute and read and write
|
||
|
E9F000
|
unkown
|
page read and write
|
||
|
4B90000
|
unkown
|
page readonly
|
||
|
136F35F0000
|
heap
|
page read and write
|
||
|
1A7EB530000
|
heap
|
page read and write
|
||
|
3C6A000
|
heap
|
page read and write
|
||
|
6FC747E000
|
stack
|
page read and write
|
||
|
D8C5BCE000
|
stack
|
page read and write
|
||
|
278D570C000
|
heap
|
page read and write
|
||
|
24898800000
|
heap
|
page read and write
|
||
|
2526E09C000
|
heap
|
page read and write
|
||
|
244D9A20000
|
heap
|
page read and write
|
||
|
244D9C10000
|
heap
|
page read and write
|
||
|
1BA71A00000
|
trusted library allocation
|
page read and write
|
||
|
248FD89C000
|
heap
|
page read and write
|
||
|
218B4EC0000
|
heap
|
page read and write
|
||
|
2526C2A0000
|
heap
|
page readonly
|
||
|
7FFD9B3A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
181F74A0000
|
heap
|
page read and write
|
||
|
3D0E000
|
heap
|
page read and write
|
||
|
23009045000
|
heap
|
page read and write
|
||
|
1BA01E10000
|
trusted library allocation
|
page read and write
|
||
|
14498625000
|
heap
|
page read and write
|
||
|
7FFD9B520000
|
trusted library allocation
|
page read and write
|
||
|
6FC71FE000
|
stack
|
page read and write
|
||
|
25201B3F000
|
trusted library allocation
|
page read and write
|
||
|
5310000
|
unkown
|
page readonly
|
||
|
144E000
|
heap
|
page read and write
|
||
|
1C495550000
|
heap
|
page read and write
|
||
|
21B50070000
|
heap
|
page read and write
|
||
|
3C6C000
|
heap
|
page read and write
|
||
|
1567CDD3000
|
heap
|
page read and write
|
||
|
12E595D0000
|
heap
|
page read and write
|
||
|
1BA72038000
|
heap
|
page read and write
|
||
|
1ED958E0000
|
heap
|
page read and write
|
||
|
248FD836000
|
heap
|
page read and write
|
||
|
D241C7E000
|
stack
|
page read and write
|
||
|
7FFD9B540000
|
trusted library allocation
|
page read and write
|
||
|
278D5702000
|
heap
|
page read and write
|
||
|
203A6810000
|
heap
|
page read and write
|
||
|
1BA701D0000
|
heap
|
page execute and read and write
|
||
|
3CC7000
|
heap
|
page read and write
|
||
|
106D000
|
stack
|
page read and write
|
||
|
14BB000
|
heap
|
page read and write
|
||
|
2FAD000
|
stack
|
page read and write
|
||
|
3B6C000
|
stack
|
page read and write
|
||
|
203A68F0000
|
heap
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
1A7EB4C0000
|
heap
|
page read and write
|
||
|
24880090000
|
trusted library allocation
|
page read and write
|
||
|
1441000
|
heap
|
page read and write
|
||
|
6769D7E000
|
stack
|
page read and write
|
||
|
136F4FA0000
|
heap
|
page read and write
|
||
|
248FDA60000
|
heap
|
page read and write
|
||
|
248FF4C5000
|
heap
|
page read and write
|
||
|
278DA2A6000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B560000
|
trusted library allocation
|
page read and write
|
||
|
24881874000
|
trusted library allocation
|
page read and write
|
||
|
1966EE70000
|
heap
|
page read and write
|
||
|
30EB000
|
stack
|
page read and write
|
||
|
895000
|
heap
|
page read and write
|
||
|
24881C53000
|
trusted library allocation
|
page read and write
|
||
|
296977F000
|
stack
|
page read and write
|
||
|
278DA2DE000
|
trusted library allocation
|
page read and write
|
||
|
202A27A0000
|
heap
|
page read and write
|
||
|
2526C108000
|
heap
|
page read and write
|
||
|
2526C310000
|
heap
|
page read and write
|
||
|
7FFD9B4E0000
|
trusted library allocation
|
page read and write
|
||
|
1438000
|
heap
|
page read and write
|
||
|
3C58000
|
heap
|
page read and write
|
||
|
1D0286C0000
|
heap
|
page read and write
|
||
|
A5E000
|
stack
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
92A000
|
heap
|
page read and write
|
||
|
2A3E000
|
stack
|
page read and write
|
||
|
2520008B000
|
trusted library allocation
|
page read and write
|
||
|
E0C000
|
unkown
|
page readonly
|
||
|
3C44000
|
heap
|
page read and write
|
||
|
F2A97ED000
|
stack
|
page read and write
|
||
|
7FFD9B5F0000
|
trusted library allocation
|
page read and write
|
||
|
416B000
|
heap
|
page read and write
|
||
|
24E152D000
|
stack
|
page read and write
|
||
|
676A1FB000
|
stack
|
page read and write
|
||
|
2526E050000
|
heap
|
page read and write
|
||
|
D2418FE000
|
unkown
|
page readonly
|
||
|
24898490000
|
heap
|
page read and write
|
||
|
6230000
|
heap
|
page read and write
|
||
|
1424000
|
heap
|
page read and write
|
||
|
3C39000
|
heap
|
page read and write
|
||
|
2954DC30000
|
heap
|
page read and write
|
||
|
202A26C0000
|
heap
|
page read and write
|
||
|
1BA6FFC0000
|
heap
|
page read and write
|
||
|
5E7000
|
heap
|
page read and write
|
||
|
278DA265000
|
trusted library allocation
|
page read and write
|
||
|
22F5C838000
|
heap
|
page read and write
|
||
|
2526C220000
|
heap
|
page read and write
|
||
|
3C34000
|
heap
|
page read and write
|
||
|
1C495590000
|
heap
|
page read and write
|
||
|
278DA2B4000
|
trusted library allocation
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
2489846A000
|
heap
|
page read and write
|
||
|
1BA72203000
|
heap
|
page read and write
|
||
|
248902B5000
|
trusted library allocation
|
page read and write
|
||
|
1567CDE0000
|
heap
|
page read and write
|
||
|
7FFD9B510000
|
trusted library allocation
|
page read and write
|
||
|
5330000
|
heap
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B4D0000
|
trusted library allocation
|
page read and write
|
||
|
21B50150000
|
heap
|
page read and write
|
||
|
278D4C90000
|
heap
|
page read and write
|
||
|
6FC6BEE000
|
stack
|
page read and write
|
||
|
66E000
|
heap
|
page read and write
|
||
|
278DA513000
|
heap
|
page read and write
|
||
|
181F7495000
|
heap
|
page read and write
|
||
|
4165000
|
heap
|
page read and write
|
||
|
62E0000
|
heap
|
page read and write
|
||
|
1ED958A0000
|
heap
|
page read and write
|
||
|
3B0B000
|
stack
|
page read and write
|
||
|
700000
|
heap
|
page read and write
|
||
|
7FFD9B550000
|
trusted library allocation
|
page read and write
|
||
|
14496AA0000
|
heap
|
page read and write
|
||
|
7FFD9B530000
|
trusted library allocation
|
page read and write
|
||
|
3C2B000
|
heap
|
page read and write
|
||
|
244DB530000
|
heap
|
page read and write
|
||
|
7FFD9B396000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B4B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
656000
|
heap
|
page read and write
|
||
|
EBA457F000
|
stack
|
page read and write
|
||
|
5E1C000
|
stack
|
page read and write
|
||
|
278DA420000
|
heap
|
page read and write
|
||
|
D2426FE000
|
unkown
|
page readonly
|
||
|
DF6233B000
|
stack
|
page read and write
|
||
|
148D000
|
heap
|
page read and write
|
||
|
3C2F000
|
heap
|
page read and write
|
||
|
62AC000
|
heap
|
page read and write
|
||
|
2A7DD1D0000
|
heap
|
page read and write
|
||
|
24898360000
|
heap
|
page execute and read and write
|
||
|
248FD903000
|
heap
|
page read and write
|
||
|
248802C9000
|
trusted library allocation
|
page read and write
|
||
|
2526C307000
|
heap
|
page execute and read and write
|
||
|
EBA447C000
|
stack
|
page read and write
|
||
|
F918AFF000
|
stack
|
page read and write
|
||
|
278DA2E1000
|
trusted library allocation
|
page read and write
|
||
|
2A494530000
|
heap
|
page read and write
|
||
|
25201B63000
|
trusted library allocation
|
page read and write
|
||
|
2526C280000
|
heap
|
page read and write
|
||
|
D241CFE000
|
unkown
|
page readonly
|
||
|
55394FD000
|
stack
|
page read and write
|
||
|
9C5000
|
heap
|
page read and write
|
||
|
23E91EE000
|
stack
|
page read and write
|
||
|
DF619CE000
|
stack
|
page read and write
|
||
|
1BA720E1000
|
heap
|
page read and write
|
||
|
1BA00C33000
|
trusted library allocation
|
page read and write
|
||
|
218B4E10000
|
heap
|
page read and write
|
||
|
20403CF000
|
stack
|
page read and write
|
||
|
14BB000
|
heap
|
page read and write
|
||
|
2A494510000
|
heap
|
page read and write
|
||
|
28869130000
|
heap
|
page read and write
|
||
|
1E94F200000
|
heap
|
page read and write
|
||
|
62E2000
|
heap
|
page read and write
|
||
|
7FF7A47D7000
|
unkown
|
page readonly
|
||
|
3C99000
|
heap
|
page read and write
|
||
|
EBFC16C000
|
stack
|
page read and write
|
||
|
1BA720A7000
|
heap
|
page read and write
|
||
|
14B5000
|
heap
|
page read and write
|
||
|
2DA020C0000
|
heap
|
page read and write
|
||
|
34E952F000
|
stack
|
page read and write
|
||
|
278D4EFD000
|
heap
|
page read and write
|
||
|
24898459000
|
heap
|
page read and write
|
||
|
1413000
|
heap
|
page read and write
|
||
|
288676A0000
|
heap
|
page read and write
|
||
|
3CD8000
|
heap
|
page read and write
|
||
|
230090A0000
|
heap
|
page read and write
|
||
|
3D4C000
|
stack
|
page read and write
|
||
|
7FFD9B550000
|
trusted library allocation
|
page read and write
|
||
|
1425000
|
heap
|
page read and write
|
||
|
EF3D0AC000
|
stack
|
page read and write
|
||
|
8C9000
|
heap
|
page read and write
|
||
|
2C7F000
|
stack
|
page read and write
|
||
|
11727730000
|
heap
|
page read and write
|
||
|
4A38CFF000
|
stack
|
page read and write
|
||
|
7FFD9B610000
|
trusted library allocation
|
page read and write
|
||
|
218B4C7E000
|
heap
|
page read and write
|
||
|
28867620000
|
heap
|
page read and write
|
||
|
66E000
|
heap
|
page read and write
|
||
|
1567CE1A000
|
heap
|
page read and write
|
||
|
2526C142000
|
heap
|
page read and write
|
||
|
A96447C000
|
stack
|
page read and write
|
||
|
D1000
|
unkown
|
page execute read
|
||
|
BA1000
|
unkown
|
page execute read
|
||
|
440867E000
|
stack
|
page read and write
|
||
|
7FFD9B490000
|
trusted library allocation
|
page execute and read and write
|
||
|
940000
|
heap
|
page read and write
|
||
|
51BF000
|
heap
|
page read and write
|
||
|
24880040000
|
trusted library allocation
|
page read and write
|
||
|
440837C000
|
stack
|
page read and write
|
||
|
8AB000
|
heap
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
3CC6000
|
heap
|
page read and write
|
||
|
278DA335000
|
trusted library allocation
|
page read and write
|
||
|
DF621BE000
|
stack
|
page read and write
|
||
|
3C39000
|
heap
|
page read and write
|
||
|
25201633000
|
trusted library allocation
|
page read and write
|
||
|
1413000
|
heap
|
page read and write
|
||
|
14B5000
|
heap
|
page read and write
|
||
|
937000
|
heap
|
page read and write
|
||
|
DF61943000
|
stack
|
page read and write
|
||
|
3C4E000
|
heap
|
page read and write
|
||
|
248FF4C0000
|
heap
|
page read and write
|
||
|
278DA42D000
|
heap
|
page read and write
|
||
|
1FD2E110000
|
heap
|
page read and write
|
||
|
23008FC0000
|
heap
|
page read and write
|
||
|
5170000
|
heap
|
page read and write
|
||
|
7FFD9B462000
|
trusted library allocation
|
page read and write
|
||
|
278DA4C9000
|
heap
|
page read and write
|
||
|
2A494810000
|
heap
|
page read and write
|
||
|
13A47ED0000
|
heap
|
page read and write
|
||
|
2526C315000
|
heap
|
page read and write
|
||
|
1567CE0F000
|
heap
|
page read and write
|
||
|
1A7EB540000
|
heap
|
page read and write
|
||
|
278D5B40000
|
trusted library allocation
|
page read and write
|
||
|
E9C000
|
unkown
|
page write copy
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
203A69F9000
|
heap
|
page read and write
|
||
|
2526E670000
|
heap
|
page read and write
|
||
|
7FFD9B640000
|
trusted library allocation
|
page read and write
|
||
|
278D5E20000
|
trusted library section
|
page readonly
|
||
|
1E94D7B0000
|
heap
|
page read and write
|
||
|
11727920000
|
heap
|
page read and write
|
||
|
7FFD9B520000
|
trusted library allocation
|
page read and write
|
||
|
299BCFE000
|
stack
|
page read and write
|
||
|
278DA514000
|
heap
|
page read and write
|
||
|
278D4E79000
|
heap
|
page read and write
|
||
|
278DA44C000
|
heap
|
page read and write
|
||
|
28869135000
|
heap
|
page read and write
|
||
|
3C62000
|
heap
|
page read and write
|
||
|
24898448000
|
heap
|
page read and write
|
||
|
BA1000
|
unkown
|
page execute read
|
||
|
278D4EAE000
|
heap
|
page read and write
|
||
|
25200C33000
|
trusted library allocation
|
page read and write
|
||
|
209FED28000
|
heap
|
page read and write
|
||
|
1567CE07000
|
heap
|
page read and write
|
||
|
278DA30A000
|
trusted library allocation
|
page read and write
|
||
|
142C000
|
heap
|
page read and write
|
||
|
117290F0000
|
heap
|
page read and write
|
||
|
52A0000
|
unkown
|
page readonly
|
||
|
313F000
|
stack
|
page read and write
|
||
|
1567CBC0000
|
heap
|
page read and write
|
||
|
7FFD9B370000
|
trusted library allocation
|
page read and write
|
||
|
3C44000
|
heap
|
page read and write
|
||
|
1BA700B6000
|
heap
|
page read and write
|
||
|
7FFD9B590000
|
trusted library allocation
|
page read and write
|
||
|
D2427FB000
|
stack
|
page read and write
|
||
|
1FD2FC15000
|
heap
|
page read and write
|
||
|
92A000
|
heap
|
page read and write
|
||
|
1BA720D3000
|
heap
|
page read and write
|
||
|
3CC7000
|
heap
|
page read and write
|
||
|
14496AE0000
|
heap
|
page read and write
|
||
|
182B6BB0000
|
heap
|
page read and write
|
||
|
6FC6B2E000
|
stack
|
page read and write
|
||
|
7FFD9B2ED000
|
trusted library allocation
|
page execute and read and write
|
||
|
278DA312000
|
trusted library allocation
|
page read and write
|
||
|
899000
|
heap
|
page read and write
|
||
|
181F7490000
|
heap
|
page read and write
|
||
|
1070000
|
heap
|
page read and write
|
||
|
1BA70190000
|
heap
|
page read and write
|
||
|
EBFC1EF000
|
stack
|
page read and write
|
||
|
A9644FE000
|
stack
|
page read and write
|
||
|
14B8000
|
heap
|
page read and write
|
||
|
24890241000
|
trusted library allocation
|
page read and write
|
||
|
14B7000
|
heap
|
page read and write
|
||
|
1567CDCF000
|
heap
|
page read and write
|
||
|
1BA70220000
|
heap
|
page read and write
|
||
|
24898454000
|
heap
|
page read and write
|
||
|
7FFD9B4D0000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FF7A47D2000
|
unkown
|
page read and write
|
||
|
1C4955C0000
|
heap
|
page read and write
|
||
|
1567CDC8000
|
heap
|
page read and write
|
||
|
25200233000
|
trusted library allocation
|
page read and write
|
||
|
1BA720D0000
|
heap
|
page read and write
|
||
|
7FF77C0F5000
|
unkown
|
page readonly
|
||
|
2CF0000
|
remote allocation
|
page read and write
|
||
|
2A7DD0D0000
|
heap
|
page read and write
|
||
|
1418000
|
heap
|
page read and write
|
||
|
1BA7202A000
|
heap
|
page read and write
|
||
|
4161000
|
heap
|
page read and write
|
||
|
278DA2BF000
|
trusted library allocation
|
page read and write
|
||
|
2526E301000
|
heap
|
page read and write
|
||
|
2526E2D6000
|
heap
|
page read and write
|
||
|
676A3FC000
|
stack
|
page read and write
|
||
|
278DA419000
|
heap
|
page read and write
|
||
|
2EAD000
|
stack
|
page read and write
|
||
|
519C000
|
heap
|
page read and write
|
||
|
6FC707E000
|
stack
|
page read and write
|
||
|
1567CCD0000
|
heap
|
page read and write
|
||
|
D2416FE000
|
unkown
|
page readonly
|
||
|
4165000
|
heap
|
page read and write
|
||
|
1A7EB535000
|
heap
|
page read and write
|
||
|
1BA10001000
|
trusted library allocation
|
page read and write
|
||
|
D1000
|
unkown
|
page execute read
|
||
|
278DA4B5000
|
heap
|
page read and write
|
||
|
BA0000
|
unkown
|
page readonly
|
||
|
F30000
|
heap
|
page read and write
|
||
|
1BA700B8000
|
heap
|
page read and write
|
||
|
8D0000
|
heap
|
page read and write
|
||
|
3C62000
|
heap
|
page read and write
|
||
|
24898367000
|
heap
|
page execute and read and write
|
||
|
7FFD9B2E0000
|
trusted library allocation
|
page read and write
|
||
|
F8A000
|
heap
|
page read and write
|
||
|
6FC6EFE000
|
stack
|
page read and write
|
||
|
6FC757B000
|
stack
|
page read and write
|
||
|
7FFD9B600000
|
trusted library allocation
|
page read and write
|
||
|
A60000
|
heap
|
page read and write
|
||
|
3D0D000
|
heap
|
page read and write
|
||
|
1004000
|
heap
|
page read and write
|
||
|
C49897C000
|
stack
|
page read and write
|
||
|
209FF2A5000
|
heap
|
page read and write
|
||
|
3C62000
|
heap
|
page read and write
|
||
|
DF61FBE000
|
stack
|
page read and write
|
||
|
D241AFE000
|
unkown
|
page readonly
|
||
|
218B4EA0000
|
heap
|
page read and write
|
||
|
449F000
|
stack
|
page read and write
|
||
|
14496B90000
|
heap
|
page read and write
|
||
|
1A8000
|
unkown
|
page readonly
|
||
|
278DA400000
|
heap
|
page read and write
|
||
|
1BA71B50000
|
heap
|
page execute and read and write
|
||
|
2DA02118000
|
heap
|
page read and write
|
||
|
1BA72064000
|
heap
|
page read and write
|
||
|
676ADCE000
|
stack
|
page read and write
|
||
|
3CEE000
|
stack
|
page read and write
|
||
|
7FFD9B47A000
|
trusted library allocation
|
page read and write
|
||
|
3CEF000
|
heap
|
page read and write
|
||
|
3CF6000
|
heap
|
page read and write
|
||
|
1FD2E108000
|
heap
|
page read and write
|
||
|
EBA44FE000
|
stack
|
page read and write
|
||
|
7FFD9B2D0000
|
trusted library allocation
|
page read and write
|
||
|
1FD2E0A0000
|
heap
|
page read and write
|
||
|
7FF7A47B5000
|
unkown
|
page readonly
|
||
|
1BA71FA6000
|
heap
|
page execute and read and write
|
||
|
3C6E000
|
stack
|
page read and write
|
||
|
E0C000
|
unkown
|
page readonly
|
||
|
DF61F79000
|
stack
|
page read and write
|
||
|
2375000
|
heap
|
page read and write
|
||
|
278D4E43000
|
heap
|
page read and write
|
||
|
202A28A0000
|
heap
|
page read and write
|
||
|
D24167E000
|
stack
|
page read and write
|
||
|
1966D4A0000
|
heap
|
page read and write
|
||
|
7FFD9B540000
|
trusted library allocation
|
page read and write
|
||
|
136F3618000
|
heap
|
page read and write
|
||
|
BA1000
|
unkown
|
page execute read
|
||
|
7FFD9B5E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B300000
|
trusted library allocation
|
page read and write
|
||
|
5990000
|
trusted library allocation
|
page read and write
|
||
|
3C10000
|
heap
|
page read and write
|
||
|
62E0000
|
heap
|
page read and write
|
||
|
278DA4FE000
|
heap
|
page read and write
|
||
|
23E947F000
|
stack
|
page read and write
|
||
|
DF62037000
|
stack
|
page read and write
|
||
|
203A6930000
|
heap
|
page read and write
|
||
|
12E59620000
|
heap
|
page read and write
|
||
|
676AE4E000
|
stack
|
page read and write
|
||
|
218B4C6B000
|
heap
|
page read and write
|
||
|
54CD000
|
stack
|
page read and write
|
||
|
14A1000
|
heap
|
page read and write
|
||
|
1567CF95000
|
heap
|
page read and write
|
||
|
3F7E000
|
stack
|
page read and write
|
||
|
3CEF000
|
heap
|
page read and write
|
||
|
62D8000
|
heap
|
page read and write
|
||
|
51B0000
|
heap
|
page read and write
|
||
|
7FFD9B4C0000
|
trusted library allocation
|
page read and write
|
||
|
278DA484000
|
heap
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5D0000
|
trusted library allocation
|
page read and write
|
||
|
A66D17E000
|
stack
|
page read and write
|
||
|
52F0000
|
unkown
|
page readonly
|
||
|
7FFD9B510000
|
trusted library allocation
|
page read and write
|
||
|
218B4C9D000
|
heap
|
page read and write
|
||
|
7FFD9B4A2000
|
trusted library allocation
|
page read and write
|
||
|
24881BE3000
|
trusted library allocation
|
page read and write
|
||
|
248801E0000
|
trusted library allocation
|
page read and write
|
||
|
299B8FD000
|
stack
|
page read and write
|
||
|
F3778FE000
|
stack
|
page read and write
|
||
|
55391FE000
|
stack
|
page read and write
|
||
|
7FFD9B390000
|
trusted library allocation
|
page read and write
|
||
|
7FF77C091000
|
unkown
|
page execute read
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
2526C0E0000
|
heap
|
page read and write
|
||
|
24898370000
|
heap
|
page read and write
|
||
|
2489052F000
|
trusted library allocation
|
page read and write
|
||
|
3C34000
|
heap
|
page read and write
|
||
|
1BA71FB0000
|
heap
|
page read and write
|
||
|
F62F7E000
|
stack
|
page read and write
|
||
|
1BA7008F000
|
heap
|
page read and write
|
||
|
D8C5E7F000
|
stack
|
page read and write
|
||
|
248903F8000
|
trusted library allocation
|
page read and write
|
||
|
5166000
|
heap
|
page read and write
|
||
|
24898386000
|
heap
|
page read and write
|
||
|
248FD8F3000
|
heap
|
page read and write
|
||
|
5133000
|
heap
|
page read and write
|
||
|
2A494815000
|
heap
|
page read and write
|
||
|
7FFD9B5A0000
|
trusted library allocation
|
page read and write
|
||
|
1567CE03000
|
heap
|
page read and write
|
||
|
25210075000
|
trusted library allocation
|
page read and write
|
||
|
38AD000
|
stack
|
page read and write
|
||
|
1425000
|
heap
|
page read and write
|
||
|
7FFD9B2D0000
|
trusted library allocation
|
page read and write
|
||
|
1ED97395000
|
heap
|
page read and write
|
||
|
1BA71B80000
|
heap
|
page read and write
|
||
|
14B5000
|
heap
|
page read and write
|
||
|
7FFD9B31C000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C2A000
|
heap
|
page read and write
|
||
|
244D9A40000
|
heap
|
page read and write
|
||
|
4160000
|
heap
|
page read and write
|
||
|
248FDBB5000
|
heap
|
page read and write
|
||
|
8B1000
|
heap
|
page read and write
|
||
|
24898587000
|
heap
|
page read and write
|
||
|
5110000
|
heap
|
page read and write
|
||
|
1BA6FFA0000
|
heap
|
page read and write
|
||
|
3E4D000
|
stack
|
page read and write
|
||
|
2526E1E0000
|
heap
|
page read and write
|
||
|
218B4C49000
|
heap
|
page read and write
|
||
|
23E916C000
|
stack
|
page read and write
|
||
|
278DA268000
|
trusted library allocation
|
page read and write
|
||
|
1966D5D0000
|
heap
|
page read and write
|
||
|
1D02A240000
|
heap
|
page read and write
|
||
|
2526C2B0000
|
trusted library allocation
|
page read and write
|
||
|
676A0F7000
|
stack
|
page read and write
|
||
|
3CEC000
|
heap
|
page read and write
|
||
|
11727820000
|
heap
|
page read and write
|
||
|
F8B000
|
stack
|
page read and write
|
||
|
E9E000
|
unkown
|
page write copy
|
||
|
3C56000
|
heap
|
page read and write
|
||
|
7FFD9B510000
|
trusted library allocation
|
page read and write
|
||
|
1A8000
|
unkown
|
page readonly
|
||
|
48B000
|
stack
|
page read and write
|
||
|
55395FE000
|
stack
|
page read and write
|
||
|
218B4C9E000
|
heap
|
page read and write
|
||
|
66A000
|
heap
|
page read and write
|
||
|
E9F000
|
unkown
|
page read and write
|
||
|
1425000
|
heap
|
page read and write
|
||
|
7FFD9B3E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
278DA3F0000
|
remote allocation
|
page read and write
|
||
|
248FD810000
|
heap
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
F918A7F000
|
stack
|
page read and write
|
||
|
6769E7D000
|
stack
|
page read and write
|
||
|
3C88000
|
heap
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
144969C0000
|
heap
|
page read and write
|
||
|
3230000
|
heap
|
page read and write
|
||
|
3CEF000
|
heap
|
page read and write
|
||
|
7FFD9B630000
|
trusted library allocation
|
page read and write
|
||
|
DF6223E000
|
stack
|
page read and write
|
||
|
2526C162000
|
heap
|
page read and write
|
||
|
935000
|
heap
|
page read and write
|
||
|
377ABBF000
|
stack
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
7FFD9B5F0000
|
trusted library allocation
|
page read and write
|
||
|
3C6C000
|
heap
|
page read and write
|
||
|
55396FF000
|
stack
|
page read and write
|
||
|
218B4C9D000
|
heap
|
page read and write
|
||
|
51BF000
|
heap
|
page read and write
|
||
|
24898423000
|
heap
|
page read and write
|
||
|
278DA43F000
|
heap
|
page read and write
|
||
|
6FC7F4E000
|
stack
|
page read and write
|
||
|
218B4C40000
|
heap
|
page read and write
|
||
|
8CF000
|
heap
|
page read and write
|
||
|
2526DF1C000
|
heap
|
page read and write
|
||
|
7FFD9B2C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
2526C0C0000
|
heap
|
page read and write
|
||
|
7FFD9B620000
|
trusted library allocation
|
page read and write
|
||
|
278DA29D000
|
trusted library allocation
|
page read and write
|
||
|
3CEF000
|
heap
|
page read and write
|
||
|
3C09000
|
stack
|
page read and write
|
||
|
8DF000
|
heap
|
page read and write
|
||
|
7FF7A4750000
|
unkown
|
page readonly
|
||
|
244DB535000
|
heap
|
page read and write
|
||
|
12E595A0000
|
heap
|
page read and write
|
||
|
D240BF7000
|
stack
|
page read and write
|
||
|
DF61D7D000
|
stack
|
page read and write
|
||
|
6FC7278000
|
stack
|
page read and write
|
||
|
7FFD9B620000
|
trusted library allocation
|
page read and write
|
||
|
278DA4F4000
|
heap
|
page read and write
|
||
|
22F5E155000
|
heap
|
page read and write
|
||
|
7FFD9B4C2000
|
trusted library allocation
|
page read and write
|
||
|
218B4C9D000
|
heap
|
page read and write
|
||
|
D1000
|
unkown
|
page execute read
|
||
|
1E94D849000
|
heap
|
page read and write
|
||
|
4795000
|
trusted library section
|
page read and write
|
||
|
7FFD9B3C6000
|
trusted library allocation
|
page execute and read and write
|
||
|
209FECE0000
|
heap
|
page read and write
|
||
|
29696FF000
|
stack
|
page read and write
|
||
|
278D4E8C000
|
heap
|
page read and write
|
||
|
7FFD9B610000
|
trusted library allocation
|
page read and write
|
||
|
EAA000
|
unkown
|
page readonly
|
||
|
25201CDC000
|
trusted library allocation
|
page read and write
|
||
|
DF61DFE000
|
stack
|
page read and write
|
||
|
1434000
|
heap
|
page read and write
|
||
|
1BA01E16000
|
trusted library allocation
|
page read and write
|
||
|
278DA517000
|
heap
|
page read and write
|
||
|
202A4215000
|
heap
|
page read and write
|
||
|
278DA320000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B570000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B49A000
|
trusted library allocation
|
page read and write
|
||
|
1A0E37F000
|
stack
|
page read and write
|
||
|
24880E74000
|
trusted library allocation
|
page read and write
|
||
|
2A1D000
|
stack
|
page read and write
|
||
|
278D4E8A000
|
heap
|
page read and write
|
||
|
6FC70FE000
|
stack
|
page read and write
|
||
|
1567CF90000
|
heap
|
page read and write
|
||
|
278D4E91000
|
heap
|
page read and write
|
||
|
2526C189000
|
heap
|
page read and write
|
||
|
1BA70077000
|
heap
|
page read and write
|
||
|
2526E14E000
|
heap
|
page read and write
|
||
|
2526C144000
|
heap
|
page read and write
|
||
|
23008FE0000
|
heap
|
page read and write
|
||
|
218B4C7E000
|
heap
|
page read and write
|
||
|
1E94D840000
|
heap
|
page read and write
|
||
|
288675E0000
|
heap
|
page read and write
|
||
|
1567CCA0000
|
heap
|
page read and write
|
||
|
28FE000
|
stack
|
page read and write
|
||
|
22DA8620000
|
heap
|
page read and write
|
||
|
7FFD9B491000
|
trusted library allocation
|
page read and write
|
||
|
218B4C70000
|
heap
|
page read and write
|
||
|
D2428FE000
|
unkown
|
page readonly
|
||
|
278DA338000
|
trusted library allocation
|
page read and write
|
||
|
DF61C7E000
|
stack
|
page read and write
|
||
|
D0000
|
unkown
|
page readonly
|
||
|
6FC6AA3000
|
stack
|
page read and write
|
||
|
1BA7007D000
|
heap
|
page read and write
|
||
|
7FFD9B380000
|
trusted library allocation
|
page execute and read and write
|
||
|
3C56000
|
heap
|
page read and write
|
||
|
2954F735000
|
heap
|
page read and write
|
||
|
EF3D12E000
|
stack
|
page read and write
|
||
|
7FFD9B2DB000
|
trusted library allocation
|
page read and write
|
||
|
278DA34F000
|
trusted library allocation
|
page read and write
|
||
|
51B0000
|
heap
|
page read and write
|
||
|
6FC6F7C000
|
stack
|
page read and write
|
||
|
34E94AC000
|
stack
|
page read and write
|
||
|
23008EE0000
|
heap
|
page read and write
|
||
|
5630000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B2C4000
|
trusted library allocation
|
page read and write
|
||
|
481393C000
|
stack
|
page read and write
|
||
|
7FFD9B4B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
3160000
|
heap
|
page read and write
|
||
|
7FFD9B5D0000
|
trusted library allocation
|
page read and write
|
||
|
278D61D0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5D0000
|
trusted library allocation
|
page read and write
|
||
|
278DA250000
|
trusted library allocation
|
page read and write
|
||
|
209FF2A0000
|
heap
|
page read and write
|
||
|
3EBE000
|
stack
|
page read and write
|
||
|
2526C150000
|
heap
|
page read and write
|
||
|
1010000
|
heap
|
page read and write
|
||
|
DF622BF000
|
stack
|
page read and write
|
||
|
D242E7E000
|
stack
|
page read and write
|
||
|
435E000
|
stack
|
page read and write
|
||
|
24881E1D000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B37C000
|
trusted library allocation
|
page execute and read and write
|
||
|
37AE000
|
stack
|
page read and write
|
||
|
233E000
|
stack
|
page read and write
|
||
|
2526E310000
|
heap
|
page read and write
|
||
|
12E59628000
|
heap
|
page read and write
|
||
|
278DA357000
|
trusted library allocation
|
page read and write
|
||
|
55392FE000
|
stack
|
page read and write
|
||
|
1474000
|
heap
|
page read and write
|
||
|
278DA34C000
|
trusted library allocation
|
page read and write
|
||
|
3C26000
|
heap
|
page read and write
|
||
|
899000
|
heap
|
page read and write
|
||
|
278DA25E000
|
trusted library allocation
|
page read and write
|
||
|
628A000
|
heap
|
page read and write
|
||
|
7FFD9B600000
|
trusted library allocation
|
page read and write
|
||
|
52B0000
|
unkown
|
page readonly
|
||
|
34E95AE000
|
stack
|
page read and write
|
||
|
61F0000
|
heap
|
page read and write
|
||
|
278DA3A0000
|
trusted library allocation
|
page read and write
|
||
|
D2410FD000
|
stack
|
page read and write
|
||
|
3C3B000
|
heap
|
page read and write
|
||
|
5F1E000
|
stack
|
page read and write
|
||
|
22F5C7E0000
|
heap
|
page read and write
|
||
|
136F5035000
|
heap
|
page read and write
|
||
|
3CC6000
|
heap
|
page read and write
|
||
|
1BA01967000
|
trusted library allocation
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
13A47D00000
|
heap
|
page read and write
|
||
|
2CF0000
|
remote allocation
|
page read and write
|
||
|
DEB17F000
|
stack
|
page read and write
|
||
|
40B0000
|
heap
|
page read and write
|
||
|
1BA10074000
|
trusted library allocation
|
page read and write
|
||
|
1D028700000
|
heap
|
page read and write
|
||
|
2526BFE0000
|
heap
|
page read and write
|
||
|
1BA72209000
|
heap
|
page read and write
|
||
|
7FFD9B2F0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B5B0000
|
trusted library allocation
|
page read and write
|
||
|
25201B3A000
|
trusted library allocation
|
page read and write
|
||
|
248FD897000
|
heap
|
page read and write
|
||
|
218B4C98000
|
heap
|
page read and write
|
||
|
312C000
|
stack
|
page read and write
|
||
|
203A69C0000
|
heap
|
page read and write
|
||
|
1BA720DC000
|
heap
|
page read and write
|
||
|
DF620BC000
|
stack
|
page read and write
|
||
|
278D5713000
|
heap
|
page read and write
|
||
|
1A7EB470000
|
heap
|
page read and write
|
||
|
D2422FE000
|
unkown
|
page readonly
|
||
|
7FFD9B4F0000
|
trusted library allocation
|
page read and write
|
||
|
248FD84F000
|
heap
|
page read and write
|
||
|
E9C000
|
unkown
|
page read and write
|
||
|
7DF4D1100000
|
trusted library allocation
|
page execute and read and write
|
||
|
1330000
|
heap
|
page read and write
|
||
|
278DA3F0000
|
remote allocation
|
page read and write
|
||
|
7FFD9B4D0000
|
trusted library allocation
|
page read and write
|
||
|
DF61E7F000
|
stack
|
page read and write
|
||
|
2520199D000
|
trusted library allocation
|
page read and write
|
||
|
6FC73FE000
|
stack
|
page read and write
|
||
|
7FF7A47B5000
|
unkown
|
page readonly
|
||
|
3C6D000
|
heap
|
page read and write
|
||
|
3C37000
|
heap
|
page read and write
|
||
|
1567CE0A000
|
heap
|
page read and write
|
||
|
248FD86F000
|
heap
|
page read and write
|
||
|
1BA019A0000
|
trusted library allocation
|
page read and write
|
||
|
6769EFE000
|
stack
|
page read and write
|
||
|
1C496F70000
|
heap
|
page read and write
|
||
|
88D000
|
heap
|
page read and write
|
||
|
6FC7FCD000
|
stack
|
page read and write
|
||
|
1A7EB480000
|
heap
|
page read and write
|
||
|
8BA000
|
heap
|
page read and write
|
||
|
7FFD9B540000
|
trusted library allocation
|
page read and write
|
||
|
55390FD000
|
stack
|
page read and write
|
||
|
907D9FE000
|
stack
|
page read and write
|
||
|
7FFD9B650000
|
trusted library allocation
|
page read and write
|
||
|
6FC7179000
|
stack
|
page read and write
|
||
|
142D000
|
heap
|
page read and write
|
||
|
8C2000
|
heap
|
page read and write
|
||
|
204034D000
|
stack
|
page read and write
|
||
|
278DA2BC000
|
trusted library allocation
|
page read and write
|
||
|
1C495470000
|
heap
|
page read and write
|
||
|
D241FFE000
|
unkown
|
page readonly
|
||
|
22DC000
|
stack
|
page read and write
|
||
|
D241DF9000
|
stack
|
page read and write
|
||
|
F37797F000
|
stack
|
page read and write
|
||
|
676A27E000
|
stack
|
page read and write
|
||
|
7FFD9B380000
|
trusted library allocation
|
page execute and read and write
|
||
|
12E59940000
|
heap
|
page read and write
|
||
|
141F000
|
heap
|
page read and write
|
||
|
278D5602000
|
heap
|
page read and write
|
||
|
8B7000
|
heap
|
page read and write
|
||
|
8D3000
|
heap
|
page read and write
|
||
|
1BA700BB000
|
heap
|
page read and write
|
||
|
E0C000
|
unkown
|
page readonly
|
||
|
3C20000
|
heap
|
page read and write
|
||
|
13A47D09000
|
heap
|
page read and write
|
||
|
6AA000
|
heap
|
page read and write
|
||
|
25201A0B000
|
trusted library allocation
|
page read and write
|
||
|
11727828000
|
heap
|
page read and write
|
||
|
3CC6000
|
heap
|
page read and write
|
||
|
230090A8000
|
heap
|
page read and write
|
||
|
7FFD9B2C4000
|
trusted library allocation
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
676A2FE000
|
stack
|
page read and write
|
||
|
248800D8000
|
heap
|
page read and write
|
||
|
3C39000
|
heap
|
page read and write
|
||
|
278DA240000
|
trusted library allocation
|
page read and write
|
||
|
1BA70180000
|
trusted library allocation
|
page read and write
|
||
|
12FB000
|
stack
|
page read and write
|
||
|
1630000
|
heap
|
page read and write
|
||
|
D2415FE000
|
unkown
|
page readonly
|
||
|
2D9C5CE000
|
stack
|
page read and write
|
||
|
1BA01633000
|
trusted library allocation
|
page read and write
|
||
|
2526C285000
|
heap
|
page read and write
|
||
|
7FFD9B560000
|
trusted library allocation
|
page read and write
|
||
|
30F6F4F000
|
stack
|
page read and write
|
||
|
1966D580000
|
heap
|
page read and write
|
||
|
27BC000
|
stack
|
page read and write
|
||
|
2526C18F000
|
heap
|
page read and write
|
||
|
3C3B000
|
heap
|
page read and write
|
||
|
513C000
|
heap
|
page read and write
|
||
|
22F5C6C0000
|
heap
|
page read and write
|
||
|
278DA254000
|
trusted library allocation
|
page read and write
|
||
|
25201B5F000
|
trusted library allocation
|
page read and write
|
||
|
278D575A000
|
heap
|
page read and write
|
||
|
278DA2C2000
|
trusted library allocation
|
page read and write
|
||
|
5260000
|
unkown
|
page readonly
|
||
|
1A0E2FF000
|
stack
|
page read and write
|
||
|
278DA461000
|
heap
|
page read and write
|
||
|
248FD85B000
|
heap
|
page read and write
|
||
|
E9E000
|
unkown
|
page write copy
|
||
|
2A7DD258000
|
heap
|
page read and write
|
||
|
2B3E000
|
stack
|
page read and write
|
||
|
2526E313000
|
heap
|
page read and write
|
||
|
278D4F02000
|
heap
|
page read and write
|
||
|
BA0000
|
unkown
|
page readonly
|
||
|
278DA4F2000
|
heap
|
page read and write
|
||
|
935000
|
heap
|
page read and write
|
||
|
D0000
|
unkown
|
page readonly
|
||
|
248983C4000
|
heap
|
page read and write
|
||
|
5100000
|
heap
|
page read and write
|
||
|
278D5C40000
|
trusted library allocation
|
page read and write
|
||
|
1DA000
|
unkown
|
page read and write
|
||
|
278DA280000
|
trusted library allocation
|
page read and write
|
||
|
621D000
|
heap
|
page read and write
|
||
|
22F0000
|
heap
|
page read and write
|
||
|
278D4F28000
|
heap
|
page read and write
|
||
|
7FFD9B5C0000
|
trusted library allocation
|
page read and write
|
||
|
146B000
|
heap
|
page read and write
|
||
|
25200001000
|
trusted library allocation
|
page read and write
|
||
|
5116000
|
heap
|
page read and write
|
||
|
24898580000
|
heap
|
page read and write
|
||
|
5DC0000
|
remote allocation
|
page read and write
|
||
|
30F6FCF000
|
stack
|
page read and write
|
||
|
278D5600000
|
heap
|
page read and write
|
||
|
8DF000
|
heap
|
page read and write
|
||
|
BA0000
|
unkown
|
page readonly
|
||
|
278DA454000
|
heap
|
page read and write
|
||
|
296967C000
|
stack
|
page read and write
|
||
|
2B7E000
|
stack
|
page read and write
|
||
|
24880210000
|
heap
|
page execute and read and write
|
||
|
D2421FE000
|
unkown
|
page readonly
|
||
|
5250000
|
unkown
|
page readonly
|
||
|
1BA70225000
|
heap
|
page read and write
|
||
|
278D5E50000
|
trusted library section
|
page readonly
|
||
|
2DA03B30000
|
heap
|
page read and write
|
||
|
252016CD000
|
trusted library allocation
|
page read and write
|
||
|
24890250000
|
trusted library allocation
|
page read and write
|
||
|
36AF000
|
stack
|
page read and write
|
||
|
63F5000
|
trusted library section
|
page read and write
|
||
|
54E5000
|
heap
|
page read and write
|
||
|
2526E020000
|
heap
|
page execute and read and write
|
||
|
2526DE30000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B376000
|
trusted library allocation
|
page read and write
|
||
|
218B4E40000
|
heap
|
page read and write
|
||
|
248983C2000
|
heap
|
page read and write
|
||
|
7FFD9B2E4000
|
trusted library allocation
|
page read and write
|
||
|
278D4E9C000
|
heap
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
209FED20000
|
heap
|
page read and write
|
||
|
7FF77C117000
|
unkown
|
page readonly
|
||
|
218B4CC1000
|
heap
|
page read and write
|
||
|
D24187E000
|
stack
|
page read and write
|
||
|
1E94F205000
|
heap
|
page read and write
|
||
|
7FFD9B5E0000
|
trusted library allocation
|
page read and write
|
||
|
1BA101B7000
|
trusted library allocation
|
page read and write
|
||
|
1350000
|
heap
|
page read and write
|
||
|
299BBFE000
|
stack
|
page read and write
|
||
|
7FF7A47D2000
|
unkown
|
page write copy
|
||
|
2954F730000
|
heap
|
page read and write
|
||
|
D241BFE000
|
unkown
|
page readonly
|
||
|
4A38C7F000
|
stack
|
page read and write
|
||
|
7FFD9B4E0000
|
trusted library allocation
|
page read and write
|
||
|
5120000
|
heap
|
page read and write
|
||
|
3C34000
|
heap
|
page read and write
|
||
|
181F74A8000
|
heap
|
page read and write
|
||
|
278D5E30000
|
trusted library section
|
page readonly
|
||
|
278D4F13000
|
heap
|
page read and write
|
||
|
7FFD9B490000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BA01A10000
|
trusted library allocation
|
page read and write
|
||
|
3C4E000
|
heap
|
page read and write
|
||
|
278D4EBA000
|
heap
|
page read and write
|
||
|
7FFD9B630000
|
trusted library allocation
|
page read and write
|
||
|
203A69F0000
|
heap
|
page read and write
|
||
|
7FFD9B3A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B33C000
|
trusted library allocation
|
page execute and read and write
|
||
|
1567CE10000
|
heap
|
page read and write
|
||
|
2DA03B35000
|
heap
|
page read and write
|
||
|
7FFD9B4B0000
|
trusted library allocation
|
page execute and read and write
|
||
|
5111000
|
heap
|
page read and write
|
||
|
81E000
|
stack
|
page read and write
|
||
|
6769F7E000
|
stack
|
page read and write
|
||
|
7FFD9B600000
|
trusted library allocation
|
page read and write
|
||
|
3C3E000
|
heap
|
page read and write
|
||
|
62D8000
|
heap
|
page read and write
|
||
|
278D4E77000
|
heap
|
page read and write
|
||
|
2CF0000
|
remote allocation
|
page read and write
|
||
|
248FDBB0000
|
heap
|
page read and write
|
||
|
278D5801000
|
trusted library allocation
|
page read and write
|
||
|
3C56000
|
heap
|
page read and write
|
||
|
BA1000
|
unkown
|
page execute read
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
7FFD9B2E2000
|
trusted library allocation
|
page read and write
|
||
|
278D4D70000
|
heap
|
page read and write
|
||
|
7FFD9B500000
|
trusted library allocation
|
page read and write
|
||
|
5280000
|
unkown
|
page readonly
|
||
|
244DB3E0000
|
heap
|
page read and write
|
||
|
25201CE0000
|
trusted library allocation
|
page read and write
|
||
|
278DA510000
|
heap
|
page read and write
|
||
|
3CC6000
|
heap
|
page read and write
|
||
|
1000000
|
heap
|
page read and write
|
||
|
22F5C830000
|
heap
|
page read and write
|
||
|
4256000
|
heap
|
page read and write
|
||
|
181F73E0000
|
heap
|
page read and write
|
||
|
7FF7A4751000
|
unkown
|
page execute read
|
||
|
A66D0FE000
|
stack
|
page read and write
|
||
|
248983BC000
|
heap
|
page read and write
|
||
|
7FFD9B500000
|
trusted library allocation
|
page read and write
|
||
|
248FDA00000
|
heap
|
page read and write
|
||
|
676A17A000
|
stack
|
page read and write
|
||
|
7FFD9B2C2000
|
trusted library allocation
|
page read and write
|
||
|
4162000
|
heap
|
page read and write
|
||
|
D240AFE000
|
unkown
|
page readonly
|
||
|
3C49000
|
heap
|
page read and write
|
||
|
14BB000
|
heap
|
page read and write
|
||
|
24898340000
|
heap
|
page execute and read and write
|
||
|
3C7D000
|
heap
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
2A4945B8000
|
heap
|
page read and write
|
||
|
6769DFE000
|
stack
|
page read and write
|
||
|
58A000
|
stack
|
page read and write
|
||
|
2A7DD1B0000
|
heap
|
page read and write
|
||
|
7FFD9B376000
|
trusted library allocation
|
page read and write
|
||
|
3C6C000
|
heap
|
page read and write
|
||
|
278D4C70000
|
heap
|
page read and write
|
||
|
278DA270000
|
trusted library allocation
|
page read and write
|
||
|
1DE000
|
unkown
|
page readonly
|
||
|
7FFD9B570000
|
trusted library allocation
|
page read and write
|
||
|
5CB000
|
stack
|
page read and write
|
||
|
7FFD9B4A0000
|
trusted library allocation
|
page execute and read and write
|
||
|
1BA7007B000
|
heap
|
page read and write
|
||
|
3C75000
|
heap
|
page read and write
|
||
|
D2423FC000
|
stack
|
page read and write
|
||
|
3C40000
|
heap
|
page read and write
|
||
|
2526DF00000
|
heap
|
page read and write
|
||
|
F37787C000
|
stack
|
page read and write
|
||
|
1635000
|
heap
|
page read and write
|
||
|
DEB0FE000
|
stack
|
page read and write
|
||
|
7FFD9B550000
|
trusted library allocation
|
page read and write
|
||
|
278DA330000
|
trusted library allocation
|
page read and write
|
||
|
278DA258000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B530000
|
trusted library allocation
|
page read and write
|
||
|
14B5000
|
heap
|
page read and write
|
||
|
830000
|
heap
|
page read and write
|
||
|
6FC72F9000
|
stack
|
page read and write
|
||
|
3D0B000
|
heap
|
page read and write
|
||
|
FC7E87F000
|
stack
|
page read and write
|
||
|
53CC000
|
stack
|
page read and write
|
||
|
3C87000
|
heap
|
page read and write
|
||
|
4C7000
|
stack
|
page read and write
|
||
|
2E83000
|
heap
|
page read and write
|
||
|
7FFD9B2E3000
|
trusted library allocation
|
page execute and read and write
|
||
|
22DA6CD8000
|
heap
|
page read and write
|
||
|
5270000
|
unkown
|
page readonly
|
||
|
25210010000
|
trusted library allocation
|
page read and write
|
||
|
895000
|
heap
|
page read and write
|
||
|
7FFD9B471000
|
trusted library allocation
|
page read and write
|
||
|
D2425FE000
|
stack
|
page read and write
|
||
|
8D8000
|
heap
|
page read and write
|
||
|
FC7E54D000
|
stack
|
page read and write
|
||
|
147B000
|
heap
|
page read and write
|
||
|
2E5D000
|
stack
|
page read and write
|
||
|
D2412FB000
|
stack
|
page read and write
|
||
|
21B50395000
|
heap
|
page read and write
|
||
|
7FF77C117000
|
unkown
|
page readonly
|
||
|
218B4C96000
|
heap
|
page read and write
|
||
|
182B50B0000
|
heap
|
page read and write
|
||
|
627E000
|
heap
|
page read and write
|
||
|
3D0E000
|
heap
|
page read and write
|
||
|
9B0000
|
heap
|
page read and write
|
||
|
3CE2000
|
heap
|
page read and write
|
||
|
1C496F75000
|
heap
|
page read and write
|
||
|
278D4DA0000
|
trusted library allocation
|
page read and write
|
||
|
6769FFE000
|
stack
|
page read and write
|
||
|
142A000
|
heap
|
page read and write
|
||
|
1BA71FA0000
|
heap
|
page execute and read and write
|
||
|
1567CE01000
|
heap
|
page read and write
|
||
|
22DA6C50000
|
heap
|
page read and write
|
||
|
1567CE02000
|
heap
|
page read and write
|
||
|
3CAB000
|
stack
|
page read and write
|
||
|
22DA6B30000
|
heap
|
page read and write
|
||
|
2526DF09000
|
heap
|
page read and write
|
||
|
24882056000
|
trusted library allocation
|
page read and write
|
||
|
F62EFE000
|
stack
|
page read and write
|
||
|
1BA00233000
|
trusted library allocation
|
page read and write
|
||
|
6FC6BAF000
|
stack
|
page read and write
|
||
|
24880093000
|
trusted library allocation
|
page read and write
|
||
|
F91878D000
|
stack
|
page read and write
|
||
|
7FFD9B47A000
|
trusted library allocation
|
page read and write
|
||
|
1D02A080000
|
heap
|
page read and write
|
||
|
1567CE08000
|
heap
|
page read and write
|
||
|
D2419FC000
|
stack
|
page read and write
|
||
|
2E80000
|
heap
|
page read and write
|
||
|
5290000
|
unkown
|
page readonly
|
||
|
7FFD9B590000
|
trusted library allocation
|
page read and write
|
||
|
252101B8000
|
trusted library allocation
|
page read and write
|
||
|
30F6ECC000
|
stack
|
page read and write
|
||
|
7FFD9B2CD000
|
trusted library allocation
|
page execute and read and write
|
||
|
2E50000
|
heap
|
page read and write
|
||
|
5DC0000
|
remote allocation
|
page read and write
|
||
|
107B000
|
heap
|
page read and write
|
||
|
D24087B000
|
stack
|
page read and write
|
||
|
62C3000
|
heap
|
page read and write
|
||
|
2DA02110000
|
heap
|
page read and write
|
||
|
23009040000
|
heap
|
page read and write
|
||
|
2A7DD530000
|
heap
|
page read and write
|
||
|
907DC7E000
|
stack
|
page read and write
|
||
|
FCA54FF000
|
stack
|
page read and write
|
||
|
1BA0007F000
|
trusted library allocation
|
page read and write
|
||
|
1BA10011000
|
trusted library allocation
|
page read and write
|
||
|
278DA4CB000
|
heap
|
page read and write
|
||
|
13CA000
|
heap
|
page read and write
|
||
|
4EB7000
|
unkown
|
page readonly
|
||
|
907000
|
heap
|
page read and write
|
||
|
84A000
|
heap
|
page read and write
|
||
|
3C4E000
|
heap
|
page read and write
|
||
|
202A27A9000
|
heap
|
page read and write
|
||
|
7FFD9B471000
|
trusted library allocation
|
page read and write
|
||
|
65E000
|
heap
|
page read and write
|
||
|
1FD2E100000
|
heap
|
page read and write
|
||
|
95E000
|
stack
|
page read and write
|
||
|
1966EF85000
|
heap
|
page read and write
|
||
|
2526C100000
|
heap
|
page read and write
|
||
|
11729220000
|
heap
|
page read and write
|
||
|
54F2000
|
heap
|
page read and write
|
||
|
278DA230000
|
trusted library allocation
|
page read and write
|
||
|
12E59945000
|
heap
|
page read and write
|
||
|
288675D0000
|
heap
|
page read and write
|
||
|
24880241000
|
trusted library allocation
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
D2409FD000
|
stack
|
page read and write
|
||
|
1A0E27C000
|
stack
|
page read and write
|
||
|
D2424FE000
|
unkown
|
page readonly
|
||
|
278D5E10000
|
trusted library section
|
page readonly
|
||
|
278DA4FA000
|
heap
|
page read and write
|
||
|
D242B7F000
|
stack
|
page read and write
|
||
|
7FFD9B5E0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B3E0000
|
trusted library allocation
|
page execute and read and write
|
||
|
54EA000
|
heap
|
page read and write
|
||
|
9C0000
|
heap
|
page read and write
|
||
|
1BA71A03000
|
trusted library allocation
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B580000
|
trusted library allocation
|
page read and write
|
||
|
2526E040000
|
heap
|
page execute and read and write
|
||
|
D24177E000
|
stack
|
page read and write
|
||
|
636000
|
heap
|
page read and write
|
||
|
13A47F70000
|
heap
|
page read and write
|
||
|
278DA380000
|
trusted library allocation
|
page read and write
|
||
|
EAA000
|
unkown
|
page readonly
|
||
|
DF61CFF000
|
stack
|
page read and write
|
||
|
1422000
|
heap
|
page read and write
|
||
|
1567CD80000
|
heap
|
page read and write
|
||
|
F80000
|
heap
|
page read and write
|
||
|
FF0000
|
heap
|
page read and write
|
||
|
39F2000
|
heap
|
page read and write
|
||
|
2E2F000
|
stack
|
page read and write
|
||
|
22DA6C10000
|
heap
|
page read and write
|
||
|
E9C000
|
unkown
|
page write copy
|
||
|
1BA70140000
|
trusted library allocation
|
page read and write
|
||
|
2526C18B000
|
heap
|
page read and write
|
||
|
25210001000
|
trusted library allocation
|
page read and write
|
||
|
E9C000
|
unkown
|
page read and write
|
||
|
7FFD9B5A0000
|
trusted library allocation
|
page read and write
|
||
|
299BDFF000
|
stack
|
page read and write
|
||
|
248983A5000
|
heap
|
page read and write
|
||
|
7FFD9B5C0000
|
trusted library allocation
|
page read and write
|
||
|
D2413FE000
|
unkown
|
page readonly
|
||
|
14496B99000
|
heap
|
page read and write
|
||
|
6FC6FFF000
|
stack
|
page read and write
|
||
|
51B0000
|
heap
|
page read and write
|
||
|
278DA36A000
|
trusted library allocation
|
page read and write
|
||
|
26C0000
|
trusted library allocation
|
page read and write
|
||
|
FCA557F000
|
stack
|
page read and write
|
||
|
2526E1C0000
|
heap
|
page read and write
|
||
|
7FFD9B610000
|
trusted library allocation
|
page read and write
|
||
|
24880050000
|
heap
|
page readonly
|
||
|
E0C000
|
unkown
|
page readonly
|
||
|
2526E630000
|
heap
|
page read and write
|
||
|
278DA280000
|
trusted library allocation
|
page read and write
|
||
|
278D4E5B000
|
heap
|
page read and write
|
||
|
203A69C5000
|
heap
|
page read and write
|
||
|
D241EFE000
|
unkown
|
page readonly
|
||
|
13A47F75000
|
heap
|
page read and write
|
||
|
EBFC47F000
|
stack
|
page read and write
|
||
|
1BA01CB9000
|
trusted library allocation
|
page read and write
|
||
|
2526E2D0000
|
heap
|
page read and write
|
||
|
2526E2C5000
|
heap
|
page read and write
|
||
|
D241B7E000
|
stack
|
page read and write
|
||
|
1D0286D0000
|
heap
|
page read and write
|
||
|
248985BB000
|
heap
|
page read and write
|
||
|
EAA000
|
unkown
|
page readonly
|
||
|
6290000
|
heap
|
page read and write
|
||
|
136F5030000
|
heap
|
page read and write
|
||
|
4167000
|
heap
|
page read and write
|
||
|
DF61EFE000
|
stack
|
page read and write
|
||
|
1075000
|
heap
|
page read and write
|
||
|
142D000
|
heap
|
page read and write
|
||
|
1BA6FEC0000
|
heap
|
page read and write
|
||
|
7FFD9B590000
|
trusted library allocation
|
page read and write
|
||
|
C4989FF000
|
stack
|
page read and write
|
||
|
2526DE33000
|
trusted library allocation
|
page read and write
|
||
|
DF62138000
|
stack
|
page read and write
|
||
|
21B50170000
|
heap
|
page read and write
|
||
|
278DA341000
|
trusted library allocation
|
page read and write
|
||
|
7FF77C112000
|
unkown
|
page read and write
|
||
|
1BA721DE000
|
heap
|
page read and write
|
||
|
2526E346000
|
heap
|
page read and write
|
||
|
7FF77C091000
|
unkown
|
page execute read
|
||
|
6769C73000
|
stack
|
page read and write
|
||
|
3C73000
|
heap
|
page read and write
|
||
|
907D97C000
|
stack
|
page read and write
|
||
|
248FD857000
|
heap
|
page read and write
|
||
|
7FFD9B630000
|
trusted library allocation
|
page read and write
|
||
|
182B4FD0000
|
heap
|
page read and write
|
||
|
278D4E13000
|
heap
|
page read and write
|
||
|
278DA502000
|
heap
|
page read and write
|
||
|
3C4E000
|
heap
|
page read and write
|
||
|
FCA547C000
|
stack
|
page read and write
|
||
|
278D5700000
|
heap
|
page read and write
|
||
|
61F1000
|
heap
|
page read and write
|
||
|
3DEF000
|
stack
|
page read and write
|
||
|
2A7DD535000
|
heap
|
page read and write
|
||
|
64D000
|
heap
|
page read and write
|
||
|
2526E129000
|
heap
|
page read and write
|
||
|
13C0000
|
heap
|
page read and write
|
||
|
248FDA20000
|
heap
|
page read and write
|
||
|
D242EFE000
|
unkown
|
page readonly
|
||
|
326D000
|
stack
|
page read and write
|
||
|
1BA70030000
|
heap
|
page read and write
|
||
|
2526E104000
|
heap
|
page read and write
|
||
|
6769CFE000
|
stack
|
page read and write
|
||
|
13A47CF0000
|
heap
|
page read and write
|
||
|
5DC0000
|
remote allocation
|
page read and write
|
||
|
1E94D7A0000
|
heap
|
page read and write
|
||
|
181F7420000
|
heap
|
page read and write
|
||
|
EAA000
|
unkown
|
page readonly
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
7FFD9B5A0000
|
trusted library allocation
|
page read and write
|
||
|
F62E7C000
|
stack
|
page read and write
|
||
|
7FF7A4751000
|
unkown
|
page execute read
|
||
|
32C0000
|
trusted library allocation
|
page read and write
|
||
|
63F0000
|
trusted library section
|
page read and write
|
||
|
2D2E000
|
stack
|
page read and write
|
||
|
1FD2E0E0000
|
heap
|
page read and write
|
||
|
7FF7A4750000
|
unkown
|
page readonly
|
||
|
425A000
|
heap
|
page read and write
|
||
|
278DA4D1000
|
heap
|
page read and write
|
||
|
1427000
|
heap
|
page read and write
|
||
|
3C6A000
|
heap
|
page read and write
|
||
|
2DA03A80000
|
heap
|
page read and write
|
||
|
1BA7007F000
|
heap
|
page read and write
|
||
|
65B000
|
heap
|
page read and write
|
||
|
278DA290000
|
trusted library allocation
|
page read and write
|
||
|
2526C260000
|
trusted library allocation
|
page read and write
|
||
|
303E000
|
stack
|
page read and write
|
||
|
5D0000
|
heap
|
page read and write
|
||
|
278DA50B000
|
heap
|
page read and write
|
||
|
7FFD9B3A6000
|
trusted library allocation
|
page execute and read and write
|
||
|
24880230000
|
heap
|
page read and write
|
||
|
439B000
|
stack
|
page read and write
|
||
|
7FFD9B530000
|
trusted library allocation
|
page read and write
|
||
|
62DA000
|
heap
|
page read and write
|
||
|
7FFD9B37C000
|
trusted library allocation
|
page execute and read and write
|
||
|
2489844B000
|
heap
|
page read and write
|
||
|
1D028709000
|
heap
|
page read and write
|
||
|
162B000
|
stack
|
page read and write
|
||
|
3C25000
|
heap
|
page read and write
|
||
|
3C65000
|
heap
|
page read and write
|
||
|
25201BF2000
|
trusted library allocation
|
page read and write
|
||
|
278DA320000
|
trusted library allocation
|
page read and write
|
||
|
2526E2C0000
|
heap
|
page read and write
|
||
|
1966EF80000
|
heap
|
page read and write
|
||
|
7FFD9B460000
|
trusted library allocation
|
page read and write
|
||
|
FC7E5CF000
|
stack
|
page read and write
|
||
|
278DA3F0000
|
remote allocation
|
page read and write
|
||
|
8B8000
|
heap
|
page read and write
|
||
|
2954DC10000
|
heap
|
page read and write
|
||
|
299B9FE000
|
stack
|
page read and write
|
||
|
1BA71A47000
|
heap
|
page read and write
|
||
|
7FFD9B520000
|
trusted library allocation
|
page read and write
|
||
|
416B000
|
heap
|
page read and write
|
||
|
38B5000
|
heap
|
page read and write
|
||
|
22DA8625000
|
heap
|
page read and write
|
||
|
25201B51000
|
trusted library allocation
|
page read and write
|
||
|
54ED000
|
heap
|
page read and write
|
||
|
5538D7D000
|
stack
|
page read and write
|
||
|
1FD2E090000
|
heap
|
page read and write
|
||
|
278D61B1000
|
trusted library allocation
|
page read and write
|
||
|
3C76000
|
heap
|
page read and write
|
||
|
7FF77C090000
|
unkown
|
page readonly
|
||
|
7FFD9B39C000
|
trusted library allocation
|
page execute and read and write
|
||
|
7FFD9B2FB000
|
trusted library allocation
|
page read and write
|
||
|
6A7000
|
heap
|
page read and write
|
||
|
407F000
|
stack
|
page read and write
|
||
|
7FF7A47D7000
|
unkown
|
page readonly
|
||
|
278DA3A0000
|
trusted library allocation
|
page read and write
|
||
|
204067F000
|
stack
|
page read and write
|
||
|
3C11000
|
heap
|
page read and write
|
||
|
24881E88000
|
trusted library allocation
|
page read and write
|
||
|
6FC737E000
|
stack
|
page read and write
|
||
|
22F5C7A0000
|
heap
|
page read and write
|
||
|
7FFD9B2C3000
|
trusted library allocation
|
page execute and read and write
|
||
|
278D5E60000
|
trusted library section
|
page readonly
|
||
|
278DA250000
|
trusted library allocation
|
page read and write
|
||
|
24E15AF000
|
stack
|
page read and write
|
||
|
54E7000
|
heap
|
page read and write
|
||
|
7FFD9B5C0000
|
trusted library allocation
|
page read and write
|
||
|
4813C7F000
|
stack
|
page read and write
|
||
|
676A078000
|
stack
|
page read and write
|
||
|
7FFD9B370000
|
trusted library allocation
|
page read and write
|
||
|
7FFD9B482000
|
trusted library allocation
|
page read and write
|
||
|
6A8000
|
heap
|
page read and write
|
||
|
278DA294000
|
trusted library allocation
|
page read and write
|
||
|
278D5615000
|
heap
|
page read and write
|
||
|
2526E30E000
|
heap
|
page read and write
|
||
|
24880474000
|
trusted library allocation
|
page read and write
|
||
|
1ED97390000
|
heap
|
page read and write
|
||
|
278D4E6F000
|
heap
|
page read and write
|
||
|
14BB000
|
heap
|
page read and write
|
||
|
278DA51C000
|
heap
|
page read and write
|
||
|
1DA000
|
unkown
|
page write copy
|
||
|
7FFD9B4E0000
|
trusted library allocation
|
page read and write
|
||
|
1E94D7F0000
|
heap
|
page read and write
|
||
|
25201C16000
|
trusted library allocation
|
page read and write
|
||
|
21B501F0000
|
heap
|
page read and write
|
||
|
2270000
|
heap
|
page read and write
|
||
|
2526E309000
|
heap
|
page read and write
|
||
|
8B2000
|
heap
|
page read and write
|
||
|
2526C290000
|
trusted library allocation
|
page read and write
|
||
|
F2A9A7F000
|
stack
|
page read and write
|
||
|
6FC6E7F000
|
stack
|
page read and write
|
||
|
1300000
|
heap
|
page read and write
|
||
|
377AB3C000
|
stack
|
page read and write
|
||
|
92A000
|
heap
|
page read and write
|
There are 1298 hidden memdumps, click here to show them.